Security Alerts and Updates

  Susan Bradley’s Master Patch List  (Windows)
•  AskWoody Newsletters and Alerts
  Latest Security Updates for Apple Software
•  AV Mac Security Test & Review 2019
•  AV Real-World Protection Test February-May 2019

June, 2019  (Click listings for more information) .
24  Patch Lady – a new default I’m not fond of.
23  Win10 version 1903 disappearing Update settings described.
23  This Week in Security – by Zack Whittaker.
23  Dell patches SupportAssist, but other PC-Doctor software still vulnerable.
22  TripAdvisor invalidates member passwords found in data breaches.
22  OpenSSH to keep private keys encrypted at rest in RAM.
21  The Week in Ransomware – Backup, Backup, Backup!
21  LooCipher ransomware spreads its evil through spam.
21  Dell releases security advisory for Dell SupportAssist.
21  BlueKeep warnings boost patching in enterprise networks.
21  Win10 May 2019 updates break iSCSI SAN connectivity.
21  Microsoft releases out-of-band fixes for Win7 and Win8.1.
20  Win10 users are alerted if their PC isn’t ready for version 1903.
20  Desjardins Group data leak exposes info of 2.9 M members.
20  Microsoft releases Outlook for Android security update.
20  Mozilla Firefox 67.0.4 fixes 2nd actively exploited zero-day.
20  Apple security updates for AirPort 802.11n Wi-Fi Base Stations.
19  Microsoft prepares to autoupdate Windows 10 v1803 & earlier.
18  Windows 10 update released to fix privacy settings bug.
18  Department of Homeland Security email phishing scam.
18  Windows 10 updates released for all versions except 1903 & 1507.
18  Mozilla Firefox 67.0.3 patches actively exploited zero-day.
18  Open source clones unofficially sold on the Microsoft Store.
18  Google adds deceptive URL alerts to Chrome, URL add-on.
17  Android malware bypasses 2FA by stealing one-time passwords.
17  U.S. Govt achieves BlueKeep remote code execution, issues alert.
17  GandCrab 5.2 decryptor ends a bad ransomware story.
16  Phishing scam asks you to login to read encrypted message.
16  This Week in Security – by Zack Whittaker.
14  The Week in Ransomware – pyLocky and GandCrab cleans up.
14  Android Trojan leads users to scam sites via notifications.
14  WSH RAT malware targets bank customers with keyloggers.
14  AVG blocked Firefox’s access to saved passwords.
13  Mozilla Releases Security Update for Thunderbird.
13  Google Releases Security Updates for Chrome.
13  Twitter URLs can be manipulated to spread fake news & scams.
13  Microsoft is better at documenting patch problems, but….
12  Windows 10 v1903, v1809 updates break Event Viewer Custom Views.
12  Android’s security key now verifies sign-ins on iOS devices.
12  Flaw in Evernote add-on exposed sensitive data of millions.
12  Windows 10 v1903 upgrade blocked by USB drives partially fixed.
11  Intel releases security updates, mitigations for multiple products.
11  Microsoft releases June 2019 Office Updates with security fixes.
11  Microsoft blocks some Bluetooth devices due to security risks.
11  Patch Tuesday: Here’s what’s new for Windows 7 and 8.1.
11  Microsoft releases Windows 10 updates for all versions except for 1511.
11  June 2019 Patch Tuesday is rolling out.
11  Adobe releases security updates for Flash Player, ColdFusion, & Campaign.
10  Spam campaign controlled by attackers via DNS TXT records.
10  FBI issues warning on ‘secure’ websites used for phishing.
10  Make sure Windows automatic update is off.
09  This Week in Security – by Zack Whittaker.
09  VLC Media Player security updates were released on Friday.
09  Microsoft warns about email spam campaign abusing Office vul.
09  Opera, Brave, Vivaldi to ignore Chrome’s anti-ad-blocker changes.
07  The Week in Ransomware – GandCrab retires, and more.
07  Google search ads infiltrated again by tech support scams.
07  IRS Warns of New Tax Scams.
07  Google Chrome to limit Referer header size to block attacks.
07  The Windows 10 May 2019 Update is now available to anyone.
07  Windows 10 zero-day bug emerges from bypassing patched flaw.
06  New GoldBrute botnet is trying to hack 1.5 million RDP servers.
06  Phishing email warns: Add recovery number or account deleted.
06  Bug breaks Internet Explorer 11 on some Windows 10 versions.
06  Over 400,000 Opko Health clients impacted by AMCA data breach.
06  Microsoft warns against bypassing Office 365 spam filters.
04  NSA Releases Advisory on BlueKeep Vulnerability.
04  Chrome 75 released with 42 security fixes and new features.
04  New privacy features for Mozilla Firefox, Lockwise is live.
04  June 2019 non-Security Office updates are available.
04  It’s time to install the May Windows and Office patches.
03  Older Windows 10 versions get Intel Microcode updates for MDS vulns.
03  Windows 10 to require 32GB of storage only on new OEM PCs.
03  Improper app check revives the synthetic clicks issue in macOS Mojave.
03  Billing details for 11.9M Quest Diagnostics clients exposed.
02  Google outage in eastern U.S. affecting Gmail, YouTube, and more.
02  How to download a Windows 10 ISO by impersonating other devices.
02  This Week in Security – by Zack Whittaker.
02  New phishing scam asks you to manage your undelivered email.

May, 2019  (Click listings for more information) .
31  The Week in Ransomware – Maze, Sodinokibi, and more.
31  NVIDIA fixes high severity GeForce Experience vulnerabilities.
31  Zero-day flaw in Windows 10 Task Scheduler gets micropatch.
31  Microsoft warns users again to patch wormable BlueKeep flaw.
31  Phishing email states your Office 365 account will be deleted.
30  Apple releases security updates for AirPort Extreme, AirPort Time Capsule.
30  Windows 10 v1903 upgrade blocked due to some Intel drivers.
30  Google targeting deceptive install tactics for Chrome extensions.
30  Microsoft Patch Alert: Patching whack-a-mole continues.
29  Microsoft releases Windows 10 build 18362.145 (KB4497935).
28  Phishing Emails pretend to be Office 365 ‘file deletion’ alerts.
28  DuckDuckGo Android Browser vulnerable to URL spoofing attacks.
28  Windows 10 May 2019 Update blocked by old Bluetooth drivers.
27  Windows 10 losing connectivity from outdated Wi-Fi drivers.
27  Some Galaxy S10 devices reported freezing after the latest update.
26  Microsoft Weekly: 1903 for everyone, and more.
26  This Week in Security – by Zack Whittaker.
25  The Week in Ransomware – Smacking ’em down with decryptors.
25  Patch Lady – can’t upgrade if you have….
25  Windows 10 1903 being blocked if using older BattlEye software.
25  New unpatched macOS Gatekeeper bypass published online.
24  Using the Windows Sandbox to Stay Safe Online.
24  Firefox 67 switching to empty profiles causing data loss fears.
24  Windows 10 May 2019 Update not installing on some AMD systems.
24  First American Financial Corp. leaked millions of title insurance records.
23  Features being changed with the Windows 10 May 2019 Update.
23  Android users being spammed using fake missed call alerts.
23  Two more Windows 10 zero-day PoC exploits released.
22  Windows Release Health Dashboard now live.
22  GetCrypt Ransomware brute forces credentials, decryptor released.
22  Under Win10 1903, Edge refusing to open HTTPS sites.
22  New Windows 10 zero-day gets published to Github.
21  JSWorm 2.0 Ransomware decryptor gets your files back for free.
21  Microsoft issues new updates for Windows 10 v1803 & v1809.
21  Patch Lady – 1903 is now officially released.
21  Firefox 67 launches with WebRender and cryptomining blocker.
20  MuddyWater hacking group upgrades arsenal to avoid detection.
20  Over the weekend Microsoft issues updates to fix the ‘’ bug.
19  Google wants your phone to protect against account takeover attacks.
19  McAfee and Sophos are still having problems with patches.
19  This Week in Security – by Zack Whittaker.
18  Google is using your Gmail account to track your purchases.
17  The Week in Ransomware – BTW, It’s NOT Dead.
17  Windows 10 won’t boot when using System Restore after updating.
17  TeamViewer confirms undisclosed breach from 2016.
17  Over 12,000 MongoDB databases deleted by attackers.
16  Unsecured survey database exposes info of 8 million people.
16  Windows 10 KB4494441 update may be shown as installed twice.
15  Google discloses Bluetooth flaw in Titan Security Key.
15  Google Payment privacy settings hidden behind special URL.
15  Add-on fixes disabled extensions in older versions of Firefox.
15  Windows 10 Spectre 2 mitigation now uses Retpoline by default.
15  If you’re running Windows XP or 7 – patch them now.
15  Patch Lady – bookmark this page.
14  New RIDL and Fallout attacks impact all modern Intel CPUs.
14  Keyloggers injected in Web Trust Seal supply chain attack.
14  Microsoft patches flaw in Windows XP, 7 & Windows 2003.
14  Adobe Releases Security Updates.
14  Intel releases security updates, mitigations for products.
14  Apple Releases Multiple Security Updates.
14  WhatsApp spyware vulnerability.
14  May 2019 Patch Tuesday arrives.
13  Patch Lady – the battery problem.
13  Fxmsp chat logs reveal the hacked antivirus vendors.
13  Linksys Smart Wi-Fi routers leak info of connected devices.
13  Apple releases iOS 12.3 with new TV app and Channels feature.
13  Tomorrow is Patch Tuesday. Lock down Windows Update.
12  Hackers collecting payment details & passwords from 4,600 sites.
12  Blocking Hyperlink Auditing Tracking Pings with extensions.
12  April Monthly Rollups problems if you have Avira antivirus.
11  Patch Lady – seeing Outlook authentication issues.
10  The Week in Ransomware – MegaCortex, Jokeroo, & more.
10  NVIDIA patches Windows GPU Display Driver security flaws.
10  Fake Pirate Chick VPN pushed AZORult info stealing Trojan.
09  Mozilla to delete usage data collected from Firefox addon fix.
09  Site promoting KeePass password manager pushes malware.
09  Android Q Hardens Security, Adds Better Encryption.
08  Office update KB4462238 pulled due to freezing bug.
08  Dharma ransomware uses antivirus tool to distract victims.
08  UC Browser for Android vulnerable to URL spoofing attacks.
07  Firefox issues another fix for disabled extensions prob.
07  Researcher finds CSS method to track mouse movements.
07  May 2019 non-security Office updates have been released.
07  Tor Browser 8.0.9 released to fix disabled NoScript add-on.
07  Evil Clippy makes malicious Office docs that dodge detection.
06  Impact of consumer security software on system performance.
05  Firefox 66.0.4 released with fix for disabled Add-ons.
05  Fix for Tor Browser NoScript Add-on being disabled.
04  Firefox Add-ons being disabled due to an expired certificate.
03  The Week in Ransomware – Hello Dear Friend! – and more.
03  *2nd* 2nd cumulative update for Win10 version 1809 issued.
03  Now’s the time to install the April Windows and Office patches.
02  Mozilla to disable Firefox add-ons with obfuscated code.
02  Avira announces installing automatic update for affected users.
02  Scammers create Google search ads to lure popular site clients.
02  Google adds auto-delete option for location history & activity data.
01  Updates released for Windows 10 version 1809.
01  Dell computers open to attack by SupportAssist flaws.
01  iPad 2 series now listed under Apple’s obsolete products.
01  Database exposes medical info of 137k people in U.S.

April, 2019  (Click listings for more information) .
30  Google has released Chrome version 74.0.3729.131.
30  Facebook under investigation for harvesting contact lists.
30  Android users: watch out for this fake address bar trick.
30  Phishing campaign from ‘FBI Director Wray’ is hysterical.
29  Database leaks addresses, income of millions of Americans.
29  Tech support scammers freeze browsers using iframes.
29  Patch Alert – bluescreens for some AV products, & more.
28  Windows security update caused recent antivirus conflicts.
27  Fake Windows PC cleaner drops info-stealing Trojan.
26  The Week in Ransomware – Targeting the Enterprise.
26  Windows 7 & 10 cumulative updates released with fixes.
26  Google removes 46 Play Store apps by the same developer.
26  Over 2 million IoT devices vulnerable because of P2P flaws.
25  Updates released for all Windows 10 versions except 1809.
25  Apple fixes bug that briefly stalled app downloads & updates.
25  Devious Chase Bank phishing scam asks for selfies.
25  Apple issues voluntary recall for some AC wall plug adapters.
25  Emotet uses compromised devices as proxy command servers.
24  Apple updates XProtect to block ‘Windows’ malware on Macs.
24  Flaw lets attackers recover private keys from Qualcomm chips.
24  Qbot malware dropped via context-aware phishing campaign.
23  Chrome 74 released with 39 security fixes & new features.
23  Hotspot finder app blabs 2 million Wi-Fi network passwords.
23  Phone fingerprint scanner fooled by chewing gum packet.
22  Medical information of almost 150K rehab patients exposed.
22 discloses security breach.
22  Windows 10 CPU requirements updated for the May 2019 Update.
20  Patch Lady – .NET changes.
19  Google will block sign-ins from embedded browser frameworks.
19  McAfee antivirus also affected by the April patch for Windows 7.
18  Attack affects half a billion Apple iOS users via Chrome bug.
18  Facebook admits to storing plaintext passwords of Instagram users.
18  Some internet outages predicted for the coming month.
18  Here’s an easier way to block the IE XXE zero day.
18  Facebook admits to uploading email contacts of 1.5 million users.
17  Multiple vulnerabilities in Broadcom WiFi chipset drivers.
17  Internet Explorer browser flaw threatens all Windows users.
16  Malvertising Campaign used Chrome to hijack iOS user sessions.
16  Scranos rootkit expands operations to the rest of the world.
16  Win7/8.1/Server patch conflicts abated, somewhat.
15  Adblock Plus, AdBlock, & uBlocker filters can be exploited.
15  Mobile VPNs promoted by ‘You are infected’ or ‘Hacked’ ads.
15  A hacker has dumped nearly one billion user records.
15  Patched Windows 0-day provided full control over systems.
15  70 percent of attacks now target Office vulnerabilities.
13  The Nasty List phishing scam is sweeping through Instagram.
13  Microsoft discloses security breach of some Outlook accounts.
13  Samsung issues a security update for the Galaxy S10 & S10+.
13  RobbinHood Ransomware claims it’s protecting your privacy.
12  Patch Lady – so I don’t get it.
12  The Week in Ransomware – Targeting Reveton, & more.
12  NoScript extension officially released for Google Chrome.
12  IE zero-day lets hackers steal files from Windows PCs.
12  April 2019 Windows patches wreaked havoc on many PCs.
11  Companies are listening to what you say to their assistants.
11  Microsoft’s April 2019 Updates are causing Windows to freeze.
11  Two out of three hotels leak your sensitive data.
10  Dragonblood vulnerabilities disclosed in WiFi WPA3 standard.
10  Android devices can now be used as a security key via Bluetooth.
10  Reports of freezing with Win7 and Win8.1 monthly rollups.
09  Patch Tuesday comes with fixes for two Windows zero-days.
09  Cars were left exposed to thieves due to a hardcoded password.
09  AeroGrow discloses data breach by card skimming malware.
09  Cybercrime market selling full digital fingerprints of users.
09  April Patch Tuesday Windows and Office patches are out.
09  Microsoft admits nobody has the time to ‘safely remove’ USBs.
08  Mozilla will start showing vetted Firefox extensions this summer.
08  The Google features that Microsoft turned off in Chromium Edge.
08  Patch Tuesday’s coming, so lock down automatic updates.
06  Major browsers to prevent disabling of click tracking.
06  AI chatbot helps people find info on scams and frauds.
05  The Week in Ransomware – Pacman Wakka Wakka.
05  DoS vulnerability allows attacks on some MikroTik routers.
05  Surface Pro (2017) and Surface Pro 6 get firmware updates.
05  Cybercrime market with 385,000 members found on Facebook.
05  Beware of calls saying your Social Security number is suspended.
04  New update options for Win10 1903 explained.
04  Reports of bluescreen after installing Win10 1809’s KB 4490481.
03  Financial mobile apps fail to follow security standards.
03  Over 540 million Facebook records exposed on servers.
03  Credit card info skimming scripts infect websites.
02  Verizon customers targeted in phishing campaigns.
02  Google’s social network, Google+, shuts down today.
02  April 2019 non-Security Office Updates are available.
02  Cumulative update for Windows 10 version 1809 released.
02  It’s time to install the March Windows and Office patches.
01  Google fixes two critical Android vulnerabilities.
01  Microsoft Patch Alert: Most March patches look good.
01  Notepad++ adds GPG signature to verify authenticity.